About the Role

At ANZ our purpose is to shape a world where people and communities thrive. We’re making this happen by improving the financial wellbeing and sustainability of our customers so they can achieve incredible things– whether they’re buying a home, building a business, or saving for things big or small. 

The Security Partner is critical to making this happen and will have the opportunity to manage ANZ China technology risk, information security and technology compliance obligations. A key role in the Assurance, Compliance and Security (ACS) International team. Reports to the Head of Technology – China and dotted line into the Technology Risk & Security Partner Lead, International

As a Security Partner (Line 1 Risk) in our Institutional Technology team, you will drive technology operational risk excellence using the ANZ Risk Management Framework. You will be supporting the ANZ China Country Technology teams to ensure their key risks are understood and well managed. In addition, you will drive continued information security maturity uplift and support technology regulatory compliance obligations.

As part of this role, you will work with Country Technology teams to improve their risk maturity and proficiency and provide line 1 technology risk assurance management and information security services. Facing into internal audit and external regulatory engagements for the assigned portfolios to support positive outcomes, and execution of associated treatment plans. Perform, lead and/or provide input into risk assessments as well as initiatives assessments against country technology regulatory requirements and develop strong relationships with business stakeholders through strong communication and presentation skills – be able to translate deep technical matters into business impacts.

You will lead activities to sustain and improve compliance with internal information security policies and external regulatory requirements, determine technical and business impacts from technology risks arising from operational risk activities or security processes such as penetration testing, independent security assessments etc., building staff and customer security awareness through delivery of communication and training programs, and providing business support and leadership on information security matter.

This role requires management of a small team (2 FTE) and also includes supporting security operational activities in country linked to key security concepts such as privileged access management, security log monitoring and the like.

Role Location: ANZ China (Shanghai) – this role works in ANZ office 2-3x a week

Role Type: Permanent, Full-time

What will you bring?

To be successful in this role, you will ideally bring the following –

• A track record in a technology risk, assurance, audit or compliance-based role
• Proven experience providing risk and assurance expertise, ideally to Technology based business units and Institutional Banking exposure
• Strong presentation skills and proven track record of driving strategic change
• A pragmatic and balanced approach to upholding fundamental risk principals and requirements of risk management frameworks.
• Understanding of the regulatory environment and potential impacts – strong understanding of China banking regulations related to information security and technology
• Information security and risk industry qualification desired - CISSP and/or CISA qualification or equivalent qualifications
• Experience and understanding of cloud security control environments and risks
• Technical architecture and security design experience is preferred
• Ability to drive and manage own workload and operate within defined deadlines
• Strong analytical and problem-solving skills to develop acceptable solutions for the business
• Ability to tailor your communication to your audience level of understanding and communicate in a simple manner which is easily understood by non-risk practitioners
• It will be great to have the understanding of China regulation in local incorporated bank information security standard, datacentre management, outsourcing management, cross border data access restriction, personal information protection
• Ability to have written/verbal communication with local regulator, public security and third party security partner
• Skill to manage onshore placed utilization: privilege account management tool, system performance monitoring tool, system configuration monitoring tool, venerability scanning tool

Why join us?

There’s something special about being part of ANZ.  From the moment you join us, you’re part of a team working towards a common goal: improving the financial wellbeing and sustainability of our millions of customers. 

As a Purpose-led bank, we’ve committed to delivering commercial and societal outcomes across environmental sustainability, financial wellbeing and household affordability.  We deliver these sustainability commitments with our customers, in our business and across the communities where we operate. 

But it’s not just our customers who’ll feel your impact. You’ll feel it too. Because at ANZ, you’ll have the resources and community you need to take the next big step in your career, towards even bigger things in the future.

We offer a range of benefits tailored to the countries in which we operate including Health and Wellbeing programs and flexible working arrangements.

You’ll also enjoy working in a diverse and inclusive workplace where the different backgrounds, perspectives and life experiences of our people are celebrated. We encourage you to talk to us about any adjustments you may require to our recruitment process or the role itself. If you are a candidate with a disability, let us know how we can provide you with additional support.

To find out more about working at ANZ or to view other opportunities visit www.careers.anz.com. You may apply for this role by visiting ANZ Careers and searching for reference number 16459.

Job Posting End Date

15th February 2023, 11.59pm, (Melbourne Australia)